Paul Luehr knows a thing or two about security, the law and "Bring Your Own Device," or BYOD.
Formerly a federal prosecutor and supervisor of the Internet fraud program at the Federal Trade Commission, Luehr is a managing director at Stroz Friedberg, a global data risk management company with a cyber-crime lab. He focuses on computer forensics, investigations and discovery.
BYOD has led to an increase of mobile devices, cloud storage repositories, different kinds of data types, and, of course, data theft by disgruntled employees. "The number of cases we have involving mobile devices has probably doubled in the last three years," Luehr says.
While there's a lot of hand-wringing over BYOD and mobile security-some would say it's "over-hyped"-Stroz Friedberg deals with real cases concerning data breaches. Luehr sat down with CIO.com to talk about what kinds of threats he's seeing, how companies are reacting, and where they're falling short.
There's been lots of talk about the mobile BYOD security threat. But is it real or hype?
There's a two-pronged answer to your question. Broadly speaking, we usually break down threats against the network into two vectors.
The external vector, which would be the hacker coming in from overseas trying to penetrate the network, continues to come through the traditional avenues and not necessarily BYOD. The people who say that the threat is overhyped may be accurate if they're talking about external threats.
But this leaves out another large dimension of security. BYOD policies certainly have raised the risk to companies with regard to the internal threat. Probably the most dangerous person to an organization is the disgruntled employee who is about to walk out the door. That person has access to the network. With BYOD, they have more ways to connect to that network and move information around.
I think that the security risk, in terms of the internal vector, is already here and quite large.
Have you seen a rise in BYOD data breaches in your business?
Absolutely, especially in the forensics area around employment matters. There are lots of cases we've nicknamed "Bad Leaver" cases, as in, somebody left and it was bad. When an employee leaves to a competitor, there's often concern that the employee may have taken intellectual property.
In those types of cases, we're seeing BYOD come front and center into the investigation. Rather than just looking at the server, email or desktop computer, now we're often looking at the smartphone, iCloud or Dropbox account, or Gmail.
Most of the breaches we're seeing are still directed at the servers where the most valuable and sensitive data resides. However, more and more mobile devices are an avenue to breach an organization. From a pure security point of view, BYOD is presenting many challenges.
Sign up for CIO Asia eNewsletters.